Understanding hard cases in the general class group algorithm Makoto Suwama Supervisor: Dr. Steve Donnelly The University of Sydney February 2014 1 Introduction This report has studied the general class group algorithm implemented in Magma Computer Algebra System, in particular the cases where the algorithm struggled to find a new relation to generate the class group. We will begin by introducing some definitions and results in the first couple of sections to help define the class group. Then present the definition of the class group and the algorithm for generating it in the subsequent sections, and finally concluding with the description of the hard case with some data. 2 Number fields The term ring in this report means a commutative ring with a multiplicative identity 1 unless explicitly stated otherwise. Definition 2.1 (Algebraic numbers) A complex number α is called algebraic if it is algebraic over Q, that is, if it satisfies a non-zero polynomial with the coefficients in Q. Definition 2.2 (Number field) A number field is a subfield K ⊂ C such that [K : Q] is finite. In particular every element in a number field is algebraic. Now if K is a number field then there exist finitely many algebraic numbers α1 , α2 , ..., αn such that K = Q(α1 , α2 , ..., αn ) due to the degree of the extension being finite. We can also strengthen this observation. Theorem 2.3 If K is a number field then K = Q(θ) for some algebraic number θ. We now define a subring of a number field that is analogue to Z inside Q. Definition 2.4 An algebraic number α is called algebraic integer if it satisfies a monic polynomial with the coefficients in Z. We will denote the set of algebraic integers to be B. In particular this is equivalent to the minimal polynomial of α over Q having coefficients in Z. Definition 2.5 The ring of integers(or the maximal order) OK of a number field K is OK := K ∩ B. In particular the ring of integers of Q is Z. From here on, K denotes an arbitrary number field and O its ring of integers. Definition 2.6 A basis for O as a Z-module is called an integral basis for K(or for O). In particular, an integral basis of K is also a basis of K as a Q-vector space. Theorem 2.7 Every number field K has an integral basis, and O is a free Z- module of rank n equal to the degree of K. Now a number field K is a subfield of C, thus we can consider the embeddings of K into C. Proposition 2.8 Let K be a number field of degree n. Then there exists n distinct monomorphisms σi : K → C, 1 ≤ i ≤ n. Call σi ’s, the embeddings of K. We will let s be the number of real embeddings, that is, the number of embeddings σ such that σ(K) ⊂ R. And call the other embeddings complex and use 2t for the number of them. Using the embeddings and the integral basis, we can define the discriminant of a number field. Definition 2.9 Let K be a number field of degree n with the embeddings {σ1 , σ2 , ..., σn } and an integral basis {α1 , α2 , ..., αn }. We define the discriminant of K (or O) to be the square of the discriminant of n × n matrix whose (i,j)-entry is σi (αj ). That is ∆K := det σ1 (α1 ) σ1 (α2 ) · · · σ1 (αn ) .. .. . σ2 (α1 ) . .. .. ... . . σn (α1 ) ··· · · · σn (αn ) 2 By Theorem 2.7 and Proposition 2.8 the discriminant always exists and is an invariant of the number field. We conclude this section on number fields by introducing a multiplicative function norm. Definition 2.10 Let K be a number field of degree n and σ1 , σ2 , ..., σn be the embeddings. Define the norm of α in K to be N (α) = n Q σi (α) i=1 3 Ideals In the ring of integers O, the prime factorisation of elements do not hold like in Z. As a result, working with elements in this ring may not be appropriate. Instead, we are going to work with ideals of this ring. Definition 3.1 Let a, b be ideals of a ring R, then the product of a and b is defined as n P ab := { αi βi : αi ∈ a, βi ∈ b} i=1 Definition 3.2 Let p be a proper ideal of a ring R. p is a prime ideal if bc ⊆ a =⇒ either b ⊆ a or c ⊆ a Definition 3.3 Let a be a O-submodule of a number field K. a is called a fractional ideal of O if there is a non-zero element c ∈ O such that ca ⊆ O, that is, ca is an ideal of O. Define the set of all non-zero fractional ideals of O to be F. Theorem 3.4 F is an abelian group under multiplication. Theorem 3.5 Every non-zero ideal of the ring of integers O can be written as a product of prime ideals, unique up to the order of factors. Essentially, the prime factorisation of ideals is the reason we are working with ideals rather then elements of the ring. Like the previous section we are going to conclude this section by introducing norm, but this time on ideals. Definition 3.6 Let a be an ideal of the ring of integers O. Define norm of a as N (a) := |O : a| Proposition 3.7 Let α be an element in the ring of integers O, then |N (α)| = N (<α>) 4 Class Group Lemma 4.1 Let P := {a ∈ F : ∃c ∈ O such that c−1 a is a principal ideal}. Then P is a normal subgroup of F. Theorem 4.2 Let the class group of O to be the quotient group F Cl(O) := /P and call h(O) := |Cl(O)| the class number of O. Then Cl(O) is an abelian group of finite order. Corollary 4.3 O is a principal ideal domain if and only if Cl(O) is a trivial group. Theorem 4.4 Every coset of P in F contains an ideal a with p N (a) ≤ Mst |∆| (s+2t)! where Mst :=( π4 )t (s+2t)s+2t and, s and 2t are the number of real and complex embeddings from Proposition 2.8. Definition 4.5 Define factor base to be the set p F B := {p < O : p is a prime ideal and N (p) ≤ Mst |∆|}. Now by Theorem 3.5 and 4.4, we have <F B> Proposition 4.6 Cl(O) = /<F B> ∩ P 5 Class group algorithm In the class group algorithm, we will present the class group in the form similar to Proposition 4.6. That is, treat the class group as a free abelian group generated by ideals in FB and find the relations between the generators. The relations here correspond to < F B > ∩ P in the proposition and is a subgroup of < F B >. Now the algorithm in this report is only described briefly to show the main ideas and the reader should refer to Cohen(1996) for the full detail of the algorithm. Outline of general class group algorithm 1. Generate F B 2. Generate a product of random ideals in F B 3. Find a short element α in the generated product 4. Factorise the principal ideal generated by α 5. If the principal ideal factors over ideals in F B, record the factors as a relation 6. Repeat step 2 to 5 until the stopping condition has been met 6 Hard case Sometimes, the relation recorded in step 5 of the algorithm may already be in the subgroup of relations already found. Such generation of old relations can happen repeatedly in some cases and in this report we have looked at two examples of such a case. In both of the examples, the algorithm generated subgroup of index 2 of all the relations quite smoothly, but had trouble finding the relation in the other coset. Now, going back to the algorithm, notice the generation of a relation is strongly influenced by the choice of the random ideals in step 2. Hence we have tested how the number of random ideals picked in step 2 affected which coset the generated relation belonged. The number field we used for the first example is Q adjoined with the roots of 6 x − 1269 and adjoined the roots of x7 + 23810 for the second example. We generated 1000 relations for each fixed number of random ideals used to form the product and recorded if the relation factorised over F B, and if it did, which coset it belonged. Table 1: Distribution of the relation generated for x6 − 1269 #Ideals NS New Old 2 51 56 893 5 49 127 824 54 205 741 10 52 322 626 20 30 51 393 556 Table 2: Distribution of the relation generated for x7 + 23810 #Ideals NS New Old 2 856 1 143 967 1 32 5 10 972 1 27 975 2 23 20 30 969 4 27 In both of the tables, first column displays the number of random ideals used to form the product. Second column displays the number of relations that did not factorise over F B (stands for non-smooth), third column the number of new relations and the last column the number of old relations generated. In Table 1, the number of new relations clearly increased as the number of ideals increased, while the number of old relations decreased. On the other hand it is not clear whether the number of new relations increased in Table 2, as it may due to sample error. As a result, we have tested the second example again, this time generating 10000 relations each. Table 3: Distribution of the relation generated for x7 + 23810 #Ideals NS New Old 2 8555 18 1427 5 9654 6 340 10 9644 9 347 9636 23 341 20 30 9629 41 330 Now it is clear that the number of new relations increased as the number of ideals increased with the exception of the case with two ideals. Although the number of new relations generated using two ideals is large, the number of old relations is also large as well. Consequently using two ideals has little benefit in this example. In both of the examples, increasing the number of random ideals increased the chance of generating a new relation. This suggests that increasing the number of ideals may be a good strategy for increasing the chance of finding a new relation in general. References [1] Bosma, W. & Cannon, J. & Playoust, C. 1997, The Magma algebra system. I. The user language, Journal of Symbolic Computation, vol. 24, no. 3-4, pp. 235-265. [2] Cohen, H. 1996, A course in computational algebraic number theory, SpringerVerlag, Berlin. [3] Stewart, I. & Tall, D. 1979, Algebraic Number Theory, Chapman and Hall, London.